High

CVE-2001-1376 - Unspecified vulnerability in multiple products

Publication: 2002-03-04
Summary

Buffer overflow in digest calculation function of multiple RADIUS implementations allows remote attackers to cause a denial of service and possibly execute arbitrary code via shared secret data.

Risk level (CVSS 7.5)

High

7.5

Access Vector

  • Network
  • Adjacent Network
  • Local

Access Complexity

  • Low
  • Medium
  • High

Authentication

  • None
  • Single
  • Multiple

Confident. Impact

  • Complete
  • Partial
  • None

Integrity Impact

  • Complete
  • Partial
  • None

Affected Products

  • Freeradius Freeradius 0.2
  • Freeradius Freeradius 0.3
  • Radiusclient Radiusclient 0.3.1
  • Openradius Openradius 0.8
  • Openradius Openradius 0.9
  • Openradius Openradius 0.9.1
  • Openradius Openradius 0.9.2
  • Openradius Openradius 0.9.3
  • Icradius Icradius 0.14
  • Icradius Icradius 0.15
  • Icradius Icradius 0.16
  • Icradius Icradius 0.17
  • Icradius Icradius 0.18
  • Icradius Icradius 0.18.1
  • GNU Radius 0.92.1
  • GNU Radius 0.93
  • GNU Radius 0.94
  • GNU Radius 0.95
  • Yard Radius Project Yard Radius 1.0.16
  • Yard Radius Yard Radius 1.0.17
  • Yard Radius Yard Radius 1.0.18
  • Yard Radius Yard Radius 1.0.19
  • Yard Radius Yard Radius 1.0_pre13
  • Miquel VAN Smoorenburg Cistron Radius 1.6.1
  • Icradius Icradius 0.17b
  • Miquel VAN Smoorenburg Cistron Radius 1.6_.0
  • Yard Radius Yard Radius 1.0_pre15
  • Yard Radius Yard Radius 1.0_pre14
  • Xtradius Xtradius 1.1_pre1
  • Miquel VAN Smoorenburg Cistron Radius 1.6.2
  • Miquel VAN Smoorenburg Cistron Radius 1.6.3
  • Miquel VAN Smoorenburg Cistron Radius 1.6.4
  • Miquel VAN Smoorenburg Cistron Radius 1.6.5
  • Ascend Radius 1.16
  • Lucent Radius 2.0
  • Livingston Radius 2.0
  • Livingston Radius 2.0.1
  • Lucent Radius 2.0.1
  • Lucent Radius 2.1
  • Livingston Radius 2.1